Resources for the Information Security & Privacy Professional

Tag Archives: MAC address

While visiting the local Neiman Marcus in San Francisco I happened to go to the basement floor to visit the restrooms and found this interesting notice about a product called Euclid posted on a small sign.

It reads, “To enhance our customer’s experience, we use Euclid to identify mobile devices in and around our stores. Only the information that your device publicly broadcasts will be collected. If you do not want this information collected, or want to learn more information about Euclid, visit euclidelements.com/consumer.”

On the website, the company swears they care about privacy and they do:

Limited data collection

Only share aggregated and anonymous information

Easy opt-out and delete

To opt out you have to share your MAC address with this company. It seems odd to have to share identifying information with a company in order to enable them not to identify you especially since then they will also have the MAC address of the computer you used to access their website and your IP address too! Apparently the company tracks phones listening for wifi access points so they can determine your MAC address (which uniquely identifies your phone on a wifi network.)

As soon as a hacker worth her salt breaks open their database, the movements of thousands of mobile phones through malls will become public information. How much does Euclid invest in information security? No idea.

Of course, the average person entering the store–or merely walking by– will never see this sign. Consumers are advised to kiss their privacy good-bye and perhaps to turn off wifi and Bluetooth on their phones when not in use.